Slashdot Mirror
Google Proposes Changes To Chromium Browser That Will Break Content-Blocking Extensions, Including Various Ad Blockers
"Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers," reports The Register. "The drafted changes will also limit the capabilities available to extension developers, ostensibly for the sake of speed and safety. Chromium forms the central core of Google Chrome, and, soon, Microsoft Edge." From the report: In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users. Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes is to improve security, privacy and performance, and supposedly to enhance user control.
But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest. The webRequest API allows extensions to intercept network requests, so they can be blocked, modified, or redirected. This can cause delays in web page loading because Chrome has to wait for the extension. In the future, webRequest will only be able to read network requests, not modify them. The declarativeNetRequest allows Chrome (rather than the extension itself) to decide how to handle network requests, thereby removing a possible source of bottlenecks and a potentially useful mechanism for changing browser behavior. The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."
But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest. The webRequest API allows extensions to intercept network requests, so they can be blocked, modified, or redirected. This can cause delays in web page loading because Chrome has to wait for the extension. In the future, webRequest will only be able to read network requests, not modify them. The declarativeNetRequest allows Chrome (rather than the extension itself) to decide how to handle network requests, thereby removing a possible source of bottlenecks and a potentially useful mechanism for changing browser behavior. The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."
If the DOJ (no particular friend of Big Tech in this Administration) wanted an excuse to probe Google with the FTC for some anti-trust discovery, this would be a quick ticket.
The world's dominant browser requiring that the world's dominant ad network always be displayed would be a wonderful reason to force a divestiture of one or the other (or, preferably, split everything up into components).
Hire a Linux system administrator, systems engineer,
Wow, the company that makes 90% of the its profits from advertising is trying to use the open source projects it near controls, that has a near monopoly on web browsers now... to stop adblockers from existing...
It's a coincidence surely. *Hugs Firefox*
Word to the wise: wget https://dl.google.com/linux/di... Rather than using the online "installer" that does the download. Keep older versions on some share, it may protect you from this "upgrade".
The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."
So there will still be an API that works, if you play their game..
As now there's only literally one major browser out there, and the vendor is Google, why would it care about content blocking? The sooner it kills actual content blocking in Chromium, the more profit they will get.
Ironically, using Firefox may not only for saving the Web in the future. It's also about saving yourself. Hopefully Mozilla won't be stupid enough to follow, or they actually may not deserve to suivive.
In the future, webRequest will only be able to read network requests, not modify them.
They're doing it to increase browser speed. How wonderful of them. It's not like you *have* to install extensions that use this feature or anything. And most/all of their clones will follow suit.
In The Future, I guess I won't be using Chrome-ish. Lynx, here I come! (Or maybe not.)
If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
Since Mozilla recently also adopted the same plug-in interface for Firefox I'm guessing this is going to affect Firefox as well.
Would Mozilla and developers be willing to split from Google's way?
I wonder if there is a way to still block ads based on somehow modifying your host files? Does anyone make software like that, that will let us manage our host files?
I use a proxy auto-config file to filter out ads. It used to work perfectly, but thanks to one change, it's little better than a hosts file now: They decided that passing the full URL to the PAC file was a security issue for https sites. Now I can't filter out ads from the same server as real content since almost everything is https now. Fortunately, most ads are on separate servers, so it still works. In a pinch, there is a browser setting that will tell it to send the full URLs, and I might switch that on if I find a site that is particularly annoying. The advantage the PAC file has is that I can use a magic URL as a flag to turn ad blocking on or off as needed, such as to test if a page display error is due to the blocking.
Opera Software AS. It is a Chromium-based browser using the Blink layout engine. Opera differentiates itself with a distinct user interface and other features. It is sponsored by Google and has the Google search engine as part of its GUI https://en.wikipedia.org/wiki/...
Wow there are a lot of browsers that use Chrome, RIP them. This probably has something to do with the fact that Edge adopted Chrome. Google really wants to exploit those 3rd party browsers. These days Google is more of a marketing company than a tech company. RIP Chrome.
Why does an ad-blocker need to be an extension or add on program? Nortons years ago had a built in ad-blocker, worked great so so we really need to be tied to what the browser makers do and just add a filter before it gets to the browser? I am not a coder,so..
Jack of all trades,master of none
Google introduces a quasi-ad-blocker. . Shocking that they want all other ad blockers to die by breaking compatibility. Then, figure that 90% of users never seek out another blocker, and Google's ads get back through.
Your ad here. Ask me how!
What goes around, comes around? Why does this not surprise me? Perhaps it's because the W3C has had fingers in corporate pockets and pants legs for as long as it's existed, and serves the corporate presences on the Web and not the "useless eaters" who consume it? The HTML spec has long been saddled with additions that benefit that corporate control of the Web. Why should it surprise anyone that one of the biggest corporate presences wants to take further control through use of its own browser?
So the Resistance is now back to using HTTP filtering proxies like the dead Proxomitron and Privoxy to try to take back the Web from corporate control. Good luck with that. Nobody really gives a shit any more. Instead of more such independent proxies and more refinements to them to make them truly user-friendly, we got the horrifically bad idea of BROWSER EXTENSIONS... and those extension developers got pwned even by Mozilla after the trap was sprung.
Everything Google touches either IS shit or turns to shit.
There should be some law named after someone about how once any business gets large enough, they're predestined to go full scumbag. As in crapping on customers, destroying the environment, causing financial chaos, etc. That moment when "How bad can I be?" becomes "How bad can I be?"
---
DRM is like antifreeze, to the MPAA/RIAA it's sweet, to the consumers it's poison.
Right now it intercepts the request and says "don't make that one".
Is it possible that the browser makes the request and gets the file, but you tell it "don't load that one"?
So, essentially, the network traffic still happens, but the file isn't active/usable.
I refuse to sign
Is the Brave browser still being developed?
If I had a DeLorean... I would probably only drive it from time to time.
https://brave.com/ Yes but it also uses chromium so it updating might need a new rendering engine soon enough.
This should help get Firefox user numbers back up.
"When information is power, privacy is freedom" - Jah-Wren Ryel
And the second best time is today.
Cry me a river... We don't need the DOJ doing jackshit as long as Google is still providing the full source code to Chromium. Just make a few tweaks to the source code and boom, ad blocking is back in business. Sure, the change sucks for extensions like uBlock Origin, who will likely lose users as people find new ways of ad blocking, but it's not like the bad old days of closed source Internet Explorer.
Brave Browser is based on Chromium's rendering engine and provides ad blocking built-in, no extensions necessary. It's already here and works pretty darn good.
The browser has to do it because you can direct it using an extension to block html classes, ids, maybe even tags and domains. Blocking just domains (aka hosts blocking) doesn't work in the long run if the site is coded well enough that it uses the same origin for ads and regular files, so the extra power is partially up to the browser to handle everything else.
I use Firefox with uBlock Origin, and I also use the MVPS Hosts file... both on my home and work computers.
I stopped trusting Google when they were bundling Google Desktop with new computers.
Back to Privoxy/Promoiyton? Why do you think Google spent 5 years convincing everyone HTTPS was necessary, even for static, low-risk pages?
Your ad here. Ask me how!
Pichai's law? Page's law?
The story is nonsense adblocker plus you right click the mouse button and select block ad on any website that it does not recognise the ad. Adblocker plus is ad blocking customisable
Yeah, you can tell it if you want it to allow acceptable ads through or nah, as well as add custom filters and subscribe to custom lists.
I don't really have any opinion on ads--my problem is pretty much entirely because I noticed that a lot of them were being used to inject malware onto sites, and the easiest way to fix that problem on the end user side? Ad blockers. (The adservs could probably do an even better job, if they were willing to actually vet the ads, but they're not. Maybe if they were put in a position where running bad ads will cost them a sufficiently large sum of money, they'd start caring.)
Run Pi-Hole instead and point your DNS to your Pi-Hole system?
https://pi-hole.net/
Pi-Hole doesn't have to run on a Raspberry Pi. Run a small VM, another Linux box, etc.
I have a home server running a Ubuntu VM alongside a bunch of Windows systems, so Pi-Hole would work for me.
Still, way more overhead and complexity than uBlock Origin.
Firefox time.
While not perfect, it seems to me that a filtering proxy would take care of a lot of ads, at least those from 3rd party ad-servers.
-- Alastair
East India Company Law? Or does it go back further?
If you read the spec it's that they are thinking of moving the blocking ability to declarativeNetRequest from webrequest. They will need to rewrite some of their code but it should all still work as expected.
www.moonnext.com
What did users expect?
To get a service and block approved ads?
Find a real OS and a real browser that lets the user block ads.
Domestic spying is now "Benign Information Gathering"
Hello Firefox
Local proxies are still allowed. And likely always will be if they want the corporate market share (this is the reason tls 1.3 got blocked for a year). Add your proxy's CA to your trusted certs and it can mogrify all the pages you send its way, regardless of security or origin. Granted, you can no longer see the original certificate from the origin webserver, but block ads it will.
Google is making this change because filtering malicious javascript and advertizing from web pages by the "web client" (ie, the browser) is ruining their business model which is completely and entirely based on the "web client" executing malicious javascript and displaying advertizing contrary to the interest of the owner of the device on which that malicious javascript is running and on which the advertizing is being displayed, at the expense of that owner (who is paying to transport that unwanted malicious javascript and advertizing).
Therefore, Google has two choices: Make is so that people using "Chrome" based crap cannot protect themselves from malicious javascript and advertizing (99% of which is promulgated by Google) or just close up shop and go out of business.
Because they are a bunch of greedy fucks who do not actually have a product any non-sleezebag would want to actually spend money on (and therefore no actual business model other than being a shitbag), the have decided to pursue the former course rather than the latter.
Of course, it also helps that 99.999999% of the people who use their products do not give a shit anyway and are too stupid to only use products which are not inherently malicious.
In other words -- follow the money.
That was practical when most of the internet was HTTP, but now it's mostly HTTPS (Encrypted) and there's no good way to intercept and modify content before it hits the browser.
Technically, there are methods that add a suite of trusted certificates for the middle-ware, but they all have very significant drawbacks that either make the browser less-safe (by presenting valid, safe certificates for sites whose original certificate is less-so) or by the browser not trusting the content.
The best place to catch ads, malware, etc. is now in the browser, after it's already been decrypted by the browser, and prior to rendering the content.
If they do this, then, someone is just going to fork it and take restrictions right back out.
Bye bye Chrome
Bye bye Edge
Bye bye Opera
Clearly "Don't be evil" went out riding the coattails of the previous government administration and its anointed successor.
You might have missed the bits where Mozilla took time to collaborate with extension authors (such as NoScript) in order to add extra functionality, so that critical things which were possible in XUL extensions could be ported to FireFox' flavour of Web Extension.
The only extensions that didn't make the jump were either abandoned, or those whose authors preferred to loudly complain and join sone "anti-WebExtensions resistance" instead of trying to work out a solution.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
There are plenty of reasons but here is the simplest: because when you're dealing with HTTPS traffic, if you want to inspect or modify it, you MUST be listening at one of the endpoints, which here means inside the browser.
I do it all the time: https://someonewhocares.org/ho...
I fully respect the disdain for all things Alphabet Soup (formerly known as Google Inc) but the specs to chrome.declarativeNetRequest appear to suggest a different extension programming model to accomplish the same thing.
Instead of loading a separate web document (as webRequest API does) the new API allows an extension to run through its rules at the onBeforeRequest stage -- in other words, instead of intercepting a separate network request mid-stream the API provides the means to evaluate the network request BEFORE going all the way through.
Another way to look at it is like a (network routing) proxy service. The proxy runs through client-side rules first (whereby the rules.json may have "block" and "allow" and "redirect" action types) and reacts accordingly all BEFORE dropping mid-stream packets.
As I ponder this a bit more, it seems that an ad-blocking extension that utilizes the new declarativeNetRequest API would actually DECREASE the amount of hits an ad-server would experience since the browser would never initiate a connection to the ad-server. To this end, the specs say that iframes and images blocked by the declarativeNetRequest API would collapse at the DOM (thus killing the html content within the iframe from ever being loaded).
Question: Did I understand the SPECS correctly? (Yes, I am ignoring the brouhaha otherwise as well as the claim that [oh no] ad blockers have a new API at their disposal...)
Since websites will assume if you are using firefox, you must be blocking ads. This will be a fom of drm and more websites will be going chrome only to ensure thir ads will be seen. Chrome has acheived the browser monopoly after we fought so hard to get rid of Internet Explorer.
You don't seem to grasp how much flexible Proxomitron and Privoxy are than something as simplistic as Pi-Hole. They don't just block advertising: they can REWORK PAGES to display information in a fashion that is effective for you, and NOT display page elements that distract from your goal, regardless whether those elements are advertising, site self-promotion, sidebars you don't need, and far more.
Don't you get sick of having a widescreen monitor yet so many Web pages are imprisoned by their designer in a narrow column that only benefits that designer's "vision"? Don't you ever find yourself wanting to overrule the stupid or selfish decisions that Web designers make? You could do that are more with Proxomitron, because it was designed specifically to be more generalized than just an ad-blocker. Before Proxomitron's sole author died and the software lapsed into obsolescence, I used it for all of the above, and my Web experience was dramatically improved, because it was MY OWN.
Instead of promoting Pi-Hole, you should be promoting a revived open-source community edition of Proxomitron.
Are you new here? That solves nothing at all! What alternative browser shall you use? Mozilla? Mozilla is still in bed with corporate sugar daddies and quietly does their bidding in large part (because to not do so means no more shugga from daddy), and the W3C is still dominated by a corporate oligarchy and corporate motives, and the HTML and other specs are still designed to serve THEM and not us.
Say hello to your Web overlords. They control your Web browsing regardless what browser you use.
uBlock Origin + uMatrix = no ads at all in youtube with Firefox
Today I received a message that the web version of Skype will not longer be supported on Firefox and I should switch to Edge or Chrome. In theory I can install Skype on the Desktop but they change the interface far too often and make the application run very poorly. Will companies stop supporting browsers that are not based on Chromium in the future?
Browsers have started to implement DNS-over-HTTPS and it's only a matter of time before Google enforces it in the future.
hundreds of others which integrate(d) deeply with the browser.
If an extension is deeply integrated into the interface of the browser, you might expect that when this interface change, there'll be some work involved.
Tab Mix Plus
is in the process of being re-written (but still isn't on par with the classic on)
Hide Caption Titlebar Plus
...is a function that is now directly supported into Firefox with client-side decoration. No need for extensions.
Status-4-Evar
The interface of Quantum is based on Servo, it's not using XUL anymore, it's written in HTML/CSS. You don't control it the same way any more.
It's like complaining that MS-DOS screen savers and always on top status-bar thingy don't work on the Windows desktop.
Quantum *does* support a permenent status bar, but currently there's no interface to configure it, you need to manually patch the CSS.
It's not ideal, but there's no practical way ever to make Status-4-Evar work in Quantum.
DownThemAll
And meanwhile, the Firefox extensions used by JDownloader 2 to communicate does work with Quantum.
In both directions (intercepts download pages and allows you to add them into JDownloader 2, or conversely has JDownloader 2 able to open pages in Firefox when a user interaction is needed).
For a download manager *IN* Firefox : the necessary API extensions are still being worked on.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Seems like Google's gone off the deep end lately. Their search results have gone to shit, to the point where I'm getting more relevant results with bing or duckduckgo, they're pissing off all the YouTube content creators, they seem to be focusing on making the Android Platform useless and annoying and they're shutting down Google Plus after jamming it down our throats just a couple years ago. If I didn't know any better, I'd say they're trying to drive their customers away. And they're alienating a large chunk of their workforce with their projects supporting the military and authoritarian regimes. Should someone explain to them that "Make everyone hate you," really isn't a good business plan? Because the internet is starting to realize that Google is a disease, and it's really hard to come back from that point.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I wouldn 't trust that, it would be unsurprising if google checks to see if they can reach their ad servers via non proxy connection and use that regardless of your settings if they can.
I've just bought a raspberry PI to create a PiHole to deal with intrusive tracking and adverts.
Microsoft adding adverts to my lock screen in win10 really is not funny. Google is just as bad and stuff like this is why chrome is not installed on my PC, I prefer firefox anyway. Chrome constantly hits your disk even when its not open.
You cannot trust these companies to not exploit your data at every turn so you gotta take control back and block access to your network.
This was supposed to get better with GDPR but it was so poorly implemented that its just made websites worse. You have to turn on 3rd party cookies for the tracking websites to remember you don't want them to track you. That's just backwards like opening your bank vault door to keep out thieves. Also every damn website that 'cares about your privacy' also puts a popup with more clicks to stay opted out than to opt back in even if you have already opted out.
pi-hole or pfSense+pfBlockerNG can block nearly every ad at the network level, making all devices on your network nearly ad free with zero client configuration.
Problem is you can't add your own certificates to many devices, e.g. smart TVs.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
PiHole is better than nothing, but DNS based blocking is very limited these days compared to what an in-browser ad blocker can do.
For example, it can't do much about ads served from the same host as the content. It can't do pattern matching based on the URL. It can't selectively disable Javascript, e.g. to disable 3rd party scripts. It can't stop auto-play videos.
It doesn't work with YouTube either. Currently PiHole can't block YouTube ads, much to my annoyance.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Is there a mechanism that lets you bypass those interstitial ads that youtube injects in the middle of a video?
By pro corporate anti regulation folks. There's no shortage of alternative browsers either so you'll have a tough time arguing anti competitive is a thing here.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Actually that is possible with PiHole. It's the pre-roll ads it can't block.
Until Google changes the domain names of the interstitial ad servers.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
The constant deluge of popups from sites that have detected my ad blocker is driving me up the wall these days. I'm thinking of going to Pihole just so they won't be able to harass me about using an in-browser ad blocker any more.
Have you read my blog lately?
PiHole is better than nothing, but DNS based blocking is very limited these days compared to what an in-browser ad blocker can do.
There's a third option, which is to use a proxy. I used to use a filtering [SQUID] proxy to block ads, and it was moderately effective even without much effort spent on it. There are all the usual proxy disadvantages, but it can rewrite pages before they even get to your browser, and it's the only solution which can. I mangled packets to force all identifiable web traffic through the proxy, unless you specifically chose a specific proxy port which permitted unfiltered content.
DNS blocking is more or less worthless today, although I suppose there's no great reason not to do it. But proxy-based blocking still works great, where you have control over where traffic goes. If we could have a proxy with a nice configuration interface, that would probably be the best bet. It's hardest for the googles of the world to defeat. Android users who can't root will still have problems on the road, but people who can't be made to understand why they need a rootable device probably just can't be saved.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Problem is you can't add your own certificates to many devices, e.g. smart TVs.
You might be able to add your own certs to some smart TVs with enough effort, but the smartest thing is not to buy such devices in the first place. They're less reliable than dumb devices, so that alone should be enough to disqualify them. It's not like an external player is expensive or takes up any noticeable space, so they really offer nothing of value.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
The problem with proxies is that you can't load your own certs on to things like smart TVs. Also I think Google has pinned certs in its apps for things like YouTube anyway.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
This is irritating as it upsets my plans for end-to-end Web encryption. By which I mean encryption of the data on the server so that the server has no access to it. The only things that are on the server are encrypted data blobs and a pile of random numbers.
By end-to-end Web I mean that you will be able to set up comment forums like slashdot, read email in a Web browser and everything else you are accustomed to doing on the Web but without any of the plaintext content being accessible to the server.
The technical basis for this scheme was worked out in the 1990s and then patented by a completely unrelated company which merely sat on the patent till it expired last year. It uses meta-cryptography which is a property of the Diffie Hellman schemes that if you add two private keys, the corresponding public key is the product of the public keys, etc. Matt Blaze, Torben Pedersen and others worked out how to apply these effects to achieve an effect they considered interesting but insufficient. My contribution is merely to show that the simple scheme is more than enough to do interesting things.
So now I need to work out how to hook into the browser. One possibility is to present the decryption module as a new compression scheme. It looks like a compression scheme in other respects. It just requires the host to have access to a private key capable of completing the decryption.
Any help would be appreciated: hallam@gmail.com
The project site is mathmesh.com but that is of the previous approach which has been superseded in the reference code but not yet documented.
[Oh and yes, I do know what I am doing sort of, I have probably considered the corner case you have just thought up. This has been in discussion for many years with serious protocol design people.]
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
I try to use Firefox as much as possible, but the browser is often a resource hog, heating up the laptop with fans screaming. It's a bit like me. Old and bloated, unable to change to meet the requirements of the modern and Agile world. Plus hooked to Google, wanting to be Chrome and all that.
The rest of the browsers seem niche products and are based on Chromium, so is that really a good way forward? Opera, Brave, .. Not that I know much about those details. Anyway, dear fellow nerds, could someone who knows, educate the rest ..
No, it wasn't. It was never true.
This will just cause people to not update and decrease web security as a whole. There is no way I am updating my browser if it is going to break my Adblock.
WTF?
If Google makes a change like this, then most Chromium-based web browsers will either switch to some other basic engine, or would disappear.
Then everyone will hardcode "Chrome" into the User-Agent header of http requets... just as everyone already hardcodes "Mozilla" into the User-Agent string today.
And how are you going to alter the page without breaking https? One reason Proxomitron and its likes don't work well anymore, is that they would be in effect "man in the middle" changing content, which is the same problem web cache or accelerators (compress, replace bloated pictures, etc) face.
Privoxy IIRC was pretty much superceded by polipo...
BTW "Reworking" a page can still be done at the end side (browser) by the likes of greasemonkey or stylus.
Artix
Your Linux, your init.
Bye Chrome. I never really liked you because this kind of shit was always possible in your roadmap.
Mozilla has already taken the initial steps to do this too. The web is about to become a MUCH emptier place when the mice realize that fucking with the bait ensures that the trap always fires off.
I am wondering if Konqueror is a reasonable enough method of looking at websites safely? Are they still working on it? Do they have good script controls now?
"Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
That is actually pretty neat. Still the original suggestion of PiHole or whatever is not bad. There are tons of people like me who really would rather not use "the web" but kind of need to for some things. A quick and dirty answer is a reasonable solution.
Slashdot is the only website that I participate in on a regular basis. Figuring out Proximiatron or whatever is not on my todo list as the only website that I use enough to justify that level of control is Slashdot. And Slashdot is not THAT bad.
If the previous discussion between you two were to be viewed as battle, you both won and lost. He won because a quick and dirty solution is sometimes the best choice. You won because you pointed out some software that can completely transform your experience in a way that is desirable for you.
Not every discussion has to have a winner or loser. I don't see that problem here, but it erupts so often that I figured I would address it in an offhand manner here.
"Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
My point was that Pi-Hole is a passive band-aid that does nothing at all to help "take back the Web". Simply blocking advertising/malware/porn domains wholesale does nothing to lessen the control of "content creators" over how others are able to view the content they disseminate.
P.S. Slashdot really HAS become that awful, courtesy of its more recent owners who only wish to bleed it dry and contribute nothing; its owners now have no investment in the process other than a monetary one. Their willingness to take a cut from allowing Taboola to display misleading deceptive clickbait ads shows how little they respect their userbase... who actually create the "content" AKA discussions that make the site have value. Taboola is the Exoclick of mainstream advertising: no porn, but every bit as sleazy and deceptive.
(I wouldn't even know how bad the advertising is were it not for Thunderbird recently also adopting WebExtensions and in the process breaking everything I had in place to rework RSS feeds like Slashdot's.)
So?
I'm asking in all seriousness: SO?
Current PCs come with more ram and processing power than you need, unless you're running server daemons (in which case I question the use of a browser at the same time) or games (in which case I don't only question your use of a browser at the same time but you probably already handed your privacy to Origin or Steam anyway).
Add Firefox to that list. I've had a current PC outfitted with enough RAM to make many gaming PCs look whimpy get bogged down by Firefox's memory leaks. Interestingly, while Chrome has its own memory hog issues, Pale Moon runs just fine. This actually is pretty much why I'm willing to believe the claims that Firefox really did manage to patch the (original) memory leak--that, and Firefox did briefly seem to stop leaking memory for a bit just before they decided they really needed to look like Chrome. Which does suggest a bit on where to start looking for where the new leak is coming from...